AI News Stories | Episode 33
AI News | Episode 33
In this episode of BHIS Presents: AI Security Ops, the panel dives into the latest developments shaping the AI security landscape. From the first documented AI-orchestrated cyber-espionage campaign to polymorphic malware powered by Gemini, we explore how agentic AI, insecure infrastructure, and old-school mistakes are creating a fragile new attack surface.
We break down:
- AI-driven cyber espionage: Anthropic disrupts a state-sponsored campaign using autonomous
- Black-hat LLMs: KawaiiGPT democratizes offensive capabilities for script kiddies.
- Critical RCEs in AI stacks: ShadowMQ vulnerabilities hit Meta, NVIDIA, Microsoft, and more.
- Amazon’s private AI bug bounty: Nova models under the microscope.
- Google Antigravity IDE popped in 24 hours: Persistent code execution flaw.
- PROMPTFLUX malware: Polymorphic VBScript leveraging Gemini for hourly rewrites.
Whether you’re defending enterprise AI deployments or building secure agentic tools, this episode will help you understand the emerging risks and what you can do to stay ahead.
⏱️ Chapters
- (00:00) - Intro & Sponsor Shoutouts
- (01:27) - AI-Orchestrated Cyber Espionage (Anthropic)
- (08:10) - ShadowMQ: Critical RCE in AI Inference Engines
- (09:54) - KawaiiGPT: Free Black-Hat LLM
- (22:45) - Amazon Nova: Private AI Bug Bounty
- (26:38) - Google Antigravity IDE Hacked in 24 Hours
- (31:36) - PROMPTFLUX: Malware Using Gemini for Polymorphism
🔗 Links
AI-Orchestrated Cyber Espionage (Anthropic)
ShadowMQ: Critical RCE in AI Inference Engines
KawaiiGPT: Free Black-Hat LLM
Amazon Nova: Private AI Bug Bounty
Google Antigravity IDE Hacked in 24 Hours
PROMPTFLUX: Malware Using Gemini for Polymorphism
Brought to you by Black Hills Information Security
Antisyphon Training
----------------------------------------------------------------------------------------------
Joff Thyer - https://blackhillsinfosec.com/team/joff-thyer/
Derek Banks - https://www.blackhillsinfosec.com/team/derek-banks/
Brian Fehrman - https://www.blackhillsinfosec.com/team/brian-fehrman/
Bronwen Aker - http://blackhillsinfosec.com/team/bronwen-aker/
Ben Bowman - https://www.blackhillsinfosec.com/team/ben-bowman/
Creators and Guests
Host
Brian Fehrman
Brian Fehrman is a long-time BHIS Security Researcher and Consultant with extensive academic credentials and industry certifications who specializes in AI, hardware hacking, and red teaming, and outside of work is an avid Brazilian Jiu-Jitsu practitioner, big-game hunter, and home-improvement enthusiast.
Host
Derek Banks
Derek is a BHIS Security Consultant, Penetration Tester, and Red Teamer with advanced degrees, industry certifications, and broad experience across forensics, incident response, monitoring, and offensive security, who enjoys learning from colleagues, helping clients improve their security, and spending his free time with family, fitness, and playing bass guitar.